Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 10, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
252221	5	警告	IBM	-	IBM WebSphere Application Server の org.apache.jasper.runtime.JspWriterImpl.response におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1318	2011-04-7 15:25	2010-09-22	Show	GitHub Exploit DB Packet Storm

252222	5	警告	IBM	-	IBM WebSphere Application Server の Session Initiation Protocol におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1316	2011-04-7 15:23	2010-09-23	Show	GitHub Exploit DB Packet Storm

252223	5	警告	IBM	-	IBM WebSphere Application Server のメッセージングエンジンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1315	2011-04-7 15:21	2010-09-30	Show	GitHub Exploit DB Packet Storm

252224	5	警告	IBM	-	IBM WebSphere Application Server の Service Integration Bus メッセージングエンジンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-1314	2011-04-7 15:19	2010-08-4	Show	GitHub Exploit DB Packet Storm

252225	4	警告	IBM	-	IBM WebSphere Application Server の管理コンソールコンポーネントにおけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1312	2011-04-7 15:15	2009-06-11	Show	GitHub Exploit DB Packet Storm

252226	4	警告	サイバートラスト株式会社レッドハット	-	vsftpd の vsf_filename_passes_filter 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2011-0762	2011-04-7 14:31	2011-03-2	Show	GitHub Exploit DB Packet Storm

252227	6	警告	IBM	-	IBM WebSphere Application Server のセキュリティコンポーネントにおける権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2011-1311	2011-04-7 14:28	2010-10-28	Show	GitHub Exploit DB Packet Storm

252228	5	警告	レッドハット	-	Linux SCSI target framework の iscsi_rx_handler 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2011-0001	2011-04-7 14:24	2011-03-9	Show	GitHub Exploit DB Packet Storm

252229	4.3	警告	アップル	-	複数の Apple 製品の WebKit におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2011-0163	2011-04-7 14:20	2011-03-11	Show	GitHub Exploit DB Packet Storm

252230	4.3	警告	アップル	-	複数の Apple 製品の WebKit における CSS のトークンシーケンスを挿入される脆弱性	CWE-20 CWE-264	CVE-2011-0161	2011-04-7 14:16	2011-03-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 10, 2026, 4:58 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
276941	-		nibbleblog	nibbleblog	Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) author_name or (2) content parameter to index.…	CWE-79 Cross-site Scripting	CVE-2014-8996	2024-11-21 11:20	2014-11-20	Show	GitHub Exploit DB Packet Storm

276942	-		maarch	letterbox	SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie.	CWE-89 SQL Injection	CVE-2014-8995	2024-11-21 11:20	2014-11-20	Show	GitHub Exploit DB Packet Storm

276943	-		megnicholas	clean_and_simple_contact_form	Cross-site scripting (XSS) vulnerability in the Contact Form Clean and Simple (clean-and-simple-contact-form-by-meg-nicholas) plugin 4.4.0 and earlier for WordPress allows remote attackers to inject …	CWE-79 Cross-site Scripting	CVE-2014-8955	2024-11-21 11:20	2014-11-18	Show	GitHub Exploit DB Packet Storm

276944	6.1	MEDIUM Network	php-fusion	phpfusion	A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the CMS admin panel.	CWE-79 Cross-site Scripting	CVE-2014-8597	2024-11-21 11:19	2022-02-18	Show	GitHub Exploit DB Packet Storm

276945	9.8	CRITICAL Network	piwigo	lexiglot	admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields.	CWE-78 OS Command	CVE-2014-8945	2024-11-21 11:19	2020-06-2	Show	GitHub Exploit DB Packet Storm

276946	5.4	MEDIUM Network	piwigo	lexiglot	Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter.	CWE-79 Cross-site Scripting	CVE-2014-8944	2024-11-21 11:19	2020-06-2	Show	GitHub Exploit DB Packet Storm

276947	8.8	HIGH Network	piwigo	lexiglot	Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2014-8943	2024-11-21 11:19	2020-06-2	Show	GitHub Exploit DB Packet Storm

276948	8.8	HIGH Network	piwigo	lexiglot	Lexiglot through 2014-11-20 allows CSRF.	CWE-352 Origin Validation Error	CVE-2014-8942	2024-11-21 11:19	2020-06-2	Show	GitHub Exploit DB Packet Storm

276949	9.8	CRITICAL Network	piwigo	lexiglot	Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI.	CWE-89 SQL Injection	CVE-2014-8941	2024-11-21 11:19	2020-06-2	Show	GitHub Exploit DB Packet Storm

276950	5.3	MEDIUM Network	piwigo	lexiglot	Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI.	CWE-200 Information Exposure	CVE-2014-8940	2024-11-21 11:19	2020-06-2	Show	GitHub Exploit DB Packet Storm